So I have a problem that has been getting over my head for about a week. My company has a VPN configured on Azure that I have seen from back to back.
Virtual Network Configurations:
-Address space - 10.200.0.0/16
Subnets:
-Backend - 10.200.0.0/24
-GatewaySubnet - 10.200.1.0/27
Virtual Network Gateway:
-SKU - VpnGw1
-Gateway Type - VPN
-VPN Type - Route-based
-Public Ip Address - [IP of Gateway]
They also have a Point-to-site configuration, I don't know why, but here is the config:
-Address space - 192.168.0.0/16
-Tunnel Type - IKEv2
-Authentication type - Azure Certificate
Connections:
-Shows that it is connected Site-to-Site (IPsec)
-Data in - 0 B
-Data out - 0 B
-Virtual Network Gateway - [IP of the virtual network gateway]
-Local Network Gateway - [Public ip of the company]
-Shared Key - The shared key generated
Local Network Gateway:
-IP Address - [Public ip of the company]
-Address space - [private network of the company]
After all this was done, we added the Virtual Network to the App-service that we have on Azure so that it can communicate with the private network of the company.
Configurations of the Fortigate:
Tunnel VPN:
-Remote Gateway - Ip of the Virtual Network Gateway on Azure
-Authentication Method - Pre-shared Key
-IKE Version: 2
Phase 1 Proposal:
-Algorithms - AES256-SHA256
Phase 2 Selectors:
-Local address - Private network of the company
-Remote Address - 10.200.1.0/27
Phase 2 Proposal:
-Encryption - AES256
-Authentication - SHA1
-Enable Replay Detection
-Local Port All
-Remote Port All
-Protocol All
Static route:
-Destination Subnet - 10.200.0.0/16
-Device - VPN Tunnel
Inbound Policy:
-Incoming interface - WAN
-Outgoing interface - VPN TUNNEL
-Source - Public ip address of company
-Destination Address - 10.200.0.0/16
-Accept
The Outbound Policy is literally the opposite of the Inbound and Accept also.
Is there something wrong that you guys can see? It would be really helpful for me!
Thanks to the people that will try to help!
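
An address-range consistency check over the values listed in the post, added here as an example and not part of the original post: it reports which Azure ranges fall outside the FortiGate Phase 2 remote selector and whether the on-premises LAN overlaps the point-to-site pool or the VNet. The post does not give the company's private range, so `ONPREM_LAN` is a constructed placeholder, and the function names are this example's own.

```python
import ipaddress as ip

# Values copied from the post.
AZURE_VNET = {
    "Address space": "10.200.0.0/16",
    "Backend": "10.200.0.0/24",
    "GatewaySubnet": "10.200.1.0/27",
}
PHASE2_REMOTE = "10.200.1.0/27"      # FortiGate Phase 2 remote address
STATIC_ROUTE_DST = "10.200.0.0/16"   # FortiGate static route into the tunnel
P2S_POOL = "192.168.0.0/16"          # Azure point-to-site address pool

# Constructed placeholder: the post only says "[private network of the company]".
ONPREM_LAN = "192.168.1.0/24"


def uncovered(selector, ranges):
    """Names of ranges that are not fully contained in the selector."""
    sel = ip.ip_network(selector)
    return [name for name, cidr in ranges.items()
            if not ip.ip_network(cidr).subnet_of(sel)]


def overlaps(a, b):
    """True when the two CIDR ranges share at least one address."""
    return ip.ip_network(a).overlaps(ip.ip_network(b))


def report(onprem_lan):
    """Collect every address-range inconsistency as a readable finding."""
    routed = dict(AZURE_VNET)
    routed["Static route destination"] = STATIC_ROUTE_DST
    findings = [
        f"{name} {routed[name]} is outside Phase 2 remote selector {PHASE2_REMOTE}"
        for name in uncovered(PHASE2_REMOTE, routed)
    ]
    if overlaps(onprem_lan, P2S_POOL):
        findings.append(f"On-prem LAN {onprem_lan} overlaps P2S pool {P2S_POOL}")
    if overlaps(onprem_lan, AZURE_VNET["Address space"]):
        findings.append(f"On-prem LAN {onprem_lan} overlaps the VNet address space")
    return findings


if __name__ == "__main__":
    for line in report(ONPREM_LAN):
        print("-", line)
```

Replace `ONPREM_LAN` with the real company range before reading anything into the overlap findings.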